From owner-freebsd-questions  Wed Nov 12 16:25:02 1997
Return-Path: <owner-freebsd-questions>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id QAA23768
          for questions-outgoing; Wed, 12 Nov 1997 16:25:02 -0800 (PST)
          (envelope-from owner-freebsd-questions)
Received: from whistle.com (s205m131.whistle.com [207.76.205.131])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id QAA23757
          for <questions@FreeBSD.ORG>; Wed, 12 Nov 1997 16:24:58 -0800 (PST)
          (envelope-from archie@whistle.com)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id QAA07629; Wed, 12 Nov 1997 16:24:26 -0800 (PST)
Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3)
	id sma007625; Wed Nov 12 16:24:22 1997
Received: (from archie@localhost) by bubba.whistle.com (8.8.5/8.6.12) id QAA11868; Wed, 12 Nov 1997 16:24:22 -0800 (PST)
From: Archie Cobbs <archie@whistle.com>
Message-Id: <199711130024.QAA11868@bubba.whistle.com>
Subject: Re: divert socket problem
In-Reply-To: <346A0C1E.687@eos.ncsu.edu> from Feiyi Wang at "Nov 12, 97 03:05:50 pm"
To: fwang2@eos.ncsu.edu (Feiyi Wang)
Date: Wed, 12 Nov 1997 16:24:22 -0800 (PST)
Cc: questions@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL31 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Feiyi Wang writes:
> 
> I am playing with DIVERT socket. Basically, I want to divert a
> particular protocol stream to another port, and read it from my program.
> The firewall rules I am using is pretty simple. 89 is the protocol
> number.
> 
> /sbin/ipfw -f flush
> /sbin/ipfw divert 50000 89 from any to any
> /sbin/ipfw pass all from any to any
> 
> From /sbin/ipfw show, I can see there ARE packets which match the rule 2
> and diverted. But I can't read anything, recvfrom() blocks.  Am I
> missing something here? Anybody can help me out?
> 
> sockfd = socket(AF_INET,SOCK_RAW, IPPROTO_DIVERT)
> 
> addr.sin_family = AF_INET
> addr.sin_addr.s_addr=INADDR_ANY
> addr.sin_port=50000 
> 
> bind(sockfd, (struct sockaddr *)&addr, sizeof addr)
> 
> readfrom(sockfd, ....)

Hmm.. it looks like this should work alright.

 1. Did you compile your kernel with "options DIVERT" ?
 2. Are you checking the return values from socket(), bind(), readfrom()..?

If #1 and #2 are OK (sounds like it), then..

 3. What version of FreeBSD are you using?

-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com